Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)
Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances.
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
Microsoft released a small set of updates that only applied to Windows 10, Windows 11, Office, and Sharepoint. There were no standalone SSU updates and only a single development tool update for the relatively obscure Microsoft/Muzic.
Job-seeking devs targeted with fake CrowdStrike offer via email
Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned.
Banshee Stealer variant targets Russian-speaking macOS users
The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point researcher Antonis Terefos.
Preventing the next ransomware attack with help from AI
In this Help Net Security interview, Dr. Darren Williams, CEO at BlackFog, talks about how employee training plays a crucial role in preventing ransomware attacks.
The U.S. Cyber Trust Mark set to launch
The White House has announced the launch of the U.S. Cyber Trust Mark, a voluntary cybersecurity labeling program for consumer-grade internet-connected devices.
GitLab CISO on proactive monitoring and metrics for DevSecOps success
In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools.
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
Scaling penetration testing through smart automation
In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more strategic, risk-based approach.
UN aviation agency investigating possible data breach
The United Nation’s International Civil Aviation Organization (ICAO) confirmed on Monday that it’s “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.”
eBay CISO on managing long-term cybersecurity planning and ROI
In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership.
CISA says Treasury was the only US agency breached via BeyondTrust
The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving compromised BeyondTrust Remote Support SaaS instances.
Balancing proprietary and open-source tools in cyber threat research
In this Help Net Security interview, Thomas Roccia, Senior Security Researcher at Microsoft, discusses how threat research drives faster, better decision-making in cybersecurity operations.
The SBI fake banking app shows that SMS authentication has had its day
As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive security.
Open source worldwide: Critical maintenance gaps exposed
In this Help Net Security video, Nick Mistry, SVP and CISO of Lineaje, discusses where the deepest layers of open-source software component dependencies originate from and their critical vulnerabilities.
Users receive at least one advanced phishing link every week
Phishing remains one of the most significant cyber threats impacting organizations worldwide, according to SlashNext.
Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working together to counter threats that are beyond the scope of individual organizations.
Sara: Open-source RouterOS security inspector
Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware.
Only 26% of Europe’s top companies earn a high rating for cybersecurity
With the EU’s Digital Operational Resilience Act (DORA) deadline approaching on 17th January, 2025, Europe’s top 100 companies face an urgent cybersecurity challenge, according to SecurityScorecard.
Why an “all gas, no brakes” approach for AI use won’t work
Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, and the fear of security, regulatory and privacy risks can stymie innovation.
The top target for phishing campaigns
Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope.
Making the most of cryptography, now and in the future
Enterprise cryptography faces risks beyond just the advent of quantum computers.
Cyberbro: Open-source tool extracts IoCs and checks their reputation
Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services.
How AI and deepfakes are redefining social engineering threats
This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated.
Is healthcare cybersecurity in critical condition?
This article highlights key findings and trends in healthcare cybersecurity for 2024.
Cybersecurity jobs available right now: January 8, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
New infosec products of the week: January 10, 2025
Here’s a look at the most interesting products from the past week, featuring releases from BioConnect, BreachLock, McAfee, Netgear, and Swimlane.